﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services;
using ThisIsELearning.Model;
using System.Security.Cryptography;

namespace ThisIsELearning.SystemManagement.Controller
{
    /// <summary>
    /// Summary description for AuthenticationService
    /// </summary>
    [WebService(Namespace = "http://tempuri.org/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [System.ComponentModel.ToolboxItem(false)]
    // To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line. 
    // [System.Web.Script.Services.ScriptService]
    public class AuthenticationService : System.Web.Services.WebService
    {

        [WebMethod(EnableSession = true)]
        public User isUserLoggedIn()
        {
            if (Context.Session["UserSession"] != null)
                return (User)Context.Session["UserSession"];
            else
            {
                //string cookieValue = cookieValue = HttpContext.Current.Request.Cookies["UserSessionCookie"].Value;
                return null;
                //if (cookieValue.Equals("User Logged Out") || cookieValue == null)
                //    return null;
                //else
                //    return b;
            }
        }

        [WebMethod(EnableSession = true)]
        public User authenticateUser(string loginId, string password)
        {
            DataManager manager = new DataManager();

            var user = from u in manager.Users
                       where u.loginId == loginId
                       select u;

            List<User> users = user.ToList();
            if (!users.Any())
                return null;
   
            User theUser = users.First();
            using (MD5 md5Hash = MD5.Create())
            {
                string userInputPasswordHash = SecurityUtils.GetMd5Hash(md5Hash, password);

                if (userInputPasswordHash.Equals(theUser.password))
                {
                    Context.Session["UserSession"] = theUser;
                    HttpCookie userSessionCookie = new HttpCookie("UserSessionCookie");
                    userSessionCookie.Value = "User logged in";
                    userSessionCookie.Expires = DateTime.Now.AddDays(1);

                    HttpContext.Current.Response.Cookies.Add(userSessionCookie);

                    if (theUser.GetType() == typeof(Parent))
                        return theUser as Parent;
                    else if (theUser.GetType() == typeof(Student))
                        return theUser as Student;
                    else if (theUser.GetType() == typeof(Publisher))
                        return theUser as Publisher;
                    else if (theUser.GetType() == typeof(Admin))
                        return theUser as Admin;
                    else
                        return theUser;
                }
                else
                {
                    return null;
                }
            }
        }

        [WebMethod(EnableSession = true)]
        public void logUserOff()
        {
            if (Context.Session["UserSession"] != null)
            {
                Context.Session.Remove("UserSession");
                HttpCookie theCookie = HttpContext.Current.Request.Cookies.Get("UserSessionCookie");
                theCookie.Value = "User Logged Out";

                HttpContext.Current.Response.Cookies.Add(theCookie);
            }
        }
    }
}
